> Here is a list of places in 2.1.80 that call copy_to_user and expect
> it to return -EFAULT, or a negative number, on error. These callers
> are wrong.
>
> I think most, or all, of these places will work correctly as long
> as the addresses supplied are valid. In that case copy_to_user
> returns 0 and every caller accepts 0 as a sign of success.
Hi Michael,
Thanks, your list is very useful. I've fixed the kernel/signal.c cases and
picked up a couple of other problems while reviewing the code.
Another point I'd like to mention again -- copy_xx_user can block, so it's not
correct to call it with interrupts turned off, for example. So when making the
changes to fix the return values, it's a good idea to check around for race
conditions as well.
Regards,
Bill
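The return-value mistake the thread describes, as an added illustration that is not code from the thread or from the 2.1.80 tree: copy_to_user returns the number of bytes it could not copy (0 on full success) and never a negative errno, so a caller that tests for `ret < 0` silently reports success on a bad address. The `sim_copy_to_user` below is a constructed user-space stand-in (a fixed buffer in which any destination outside it "faults"), so the two caller patterns can be compared outside the kernel; `wrong_caller` and `right_caller` are hypothetical names for the two patterns.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of user memory: a fixed buffer, addressed by offset.
 * Any destination at or beyond USER_MEM_SIZE "faults". */
#define USER_MEM_SIZE 64
static unsigned char user_mem[USER_MEM_SIZE];
typedef unsigned long uaddr_t;          /* simulated user-space address */

/* Stand-in for copy_to_user(): same contract as the real one, i.e. it
 * returns the number of bytes NOT copied (0 on complete success) and never
 * a negative errno value. Partial copies are possible near the end of the
 * region, just as a real copy can fault part-way through a buffer. */
static unsigned long sim_copy_to_user(uaddr_t to, const void *from, unsigned long n)
{
    unsigned long copyable;

    if (to >= USER_MEM_SIZE)
        return n;                       /* nothing copied: whole length left over */
    copyable = USER_MEM_SIZE - to;
    if (copyable > n)
        copyable = n;
    memcpy(user_mem + to, from, copyable);
    return n - copyable;                /* bytes that could not be written */
}

/* The mistaken pattern listed in the thread: treating a negative result
 * as the only failure signal. copy_to_user never returns < 0, so a failed
 * or partial copy yields a positive count, the test is never true, and the
 * caller returns 0 (success) with user memory left unwritten. */
static int wrong_caller(uaddr_t to, const void *from, unsigned long n)
{
    long ret = (long)sim_copy_to_user(to, from, n);

    if (ret < 0)
        return (int)ret;                /* unreachable */
    return 0;
}

/* The correct pattern: any non-zero return means the copy was incomplete,
 * and the caller itself turns that into -EFAULT. */
static int right_caller(uaddr_t to, const void *from, unsigned long n)
{
    if (sim_copy_to_user(to, from, n))
        return -EFAULT;
    return 0;
}

int main(void)
{
    static const char msg[] = "status:ok";   /* constructed kernel-side data */

    printf("valid address   wrong=%d right=%d\n",
           wrong_caller(0, msg, sizeof msg), right_caller(0, msg, sizeof msg));
    printf("bad address     wrong=%d right=%d  (wrong caller reports success)\n",
           wrong_caller(200, msg, sizeof msg), right_caller(200, msg, sizeof msg));
    printf("partial copy    wrong=%d right=%d  (%lu bytes left over)\n",
           wrong_caller(60, msg, sizeof msg), right_caller(60, msg, sizeof msg),
           sim_copy_to_user(60, msg, sizeof msg));
    return 0;
}
```

The `if (copy_to_user(...)) return -EFAULT;` shape in `right_caller` is the one that stays correct for both the complete-fault and the partial-copy case; a test against zero is the only check the return contract supports.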